]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/evp_extra_test.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fixed typo in code comment.
[thirdparty/openssl.git] / test / evp_extra_test.c
CommitLineData
440e5d80 1/*
fd38836b 2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
71ea6b48 3 *
909f1a2e 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
440e5d80
RS		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
71ea6b48
MC		 8 */
9
10#include <stdio.h>
11#include <stdlib.h>
bb5f281a 12#include <string.h>
71ea6b48
MC		 13#include <openssl/bio.h>
14#include <openssl/crypto.h>
15#include <openssl/err.h>
16#include <openssl/evp.h>
17#include <openssl/rsa.h>
18#include <openssl/x509.h>
4803717f 19#include <openssl/pem.h>
10d5b415 20#include <openssl/kdf.h>
847d0f81 21#include <openssl/provider.h>
adcd8e37 22#include "testutil.h"
176db6dc 23#include "internal/nelem.h"
2aee35d3 24#include "internal/evp_int.h"
71ea6b48
MC		 25
26/*
27 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
28 * should never use this key anywhere but in an example.
29 */
30static const unsigned char kExampleRSAKeyDER[] = {
31 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
32 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
33 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
34 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
35 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
36 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
37 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
38 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
39 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
40 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
41 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
42 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
43 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
44 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
45 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
46 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
47 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
48 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
49 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
50 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
51 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
52 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
53 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
54 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
55 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
56 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
57 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
58 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
59 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
60 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
61 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
62 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
63 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
64 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
65 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
66 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
67 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
68 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
69 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
70 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
71 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
72 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
73 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
74 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
75 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
76 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
77 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
78 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
79 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
80 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
81 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
82};
83
2aee35d3
PY		 84/*
85 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
86 * components are not correct.
87 */
88static const unsigned char kExampleBadRSAKeyDER[] = {
89 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
90 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
91 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
92 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
93 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
94 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
95 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
96 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
97 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
98 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
99 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
100 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
101 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
102 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
103 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
104 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
105 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
106 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
107 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
108 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
109 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
110 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
111 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
112 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
113 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
114 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
115 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
116 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
117 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
118 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
119 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
120 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
121 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
122 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
123 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
124 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
125 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
126 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
127 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
128 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
129 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
130 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
131 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
132 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
133 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
134 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
135 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
136 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
137 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
138 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
139 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
140 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
141 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
142 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
143 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
144 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
145 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
146 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
147 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
148 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
149 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
150 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
151 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
152 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
153 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
154 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
155 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
156 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
157 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
158 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
159 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
160 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
161 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
162 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
163 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
164 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
165 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
166 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
167 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
168 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
169 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
170 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
171 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
172 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
173 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
174 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
175 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
176 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
177 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
178};
179
71ea6b48
MC		 180static const unsigned char kMsg[] = { 1, 2, 3, 4 };
181
182static const unsigned char kSignature[] = {
183 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
184 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
185 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
186 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
187 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
188 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
189 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
190 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
191 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
192 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
193 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
194};
195
196/*
197 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
198 * PrivateKeyInfo.
199 */
200static const unsigned char kExampleRSAKeyPKCS8[] = {
201 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
202 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
203 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
204 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
205 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
206 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
207 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
208 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
209 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
210 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
211 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
212 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
213 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
214 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
215 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
216 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
217 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
218 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
219 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
220 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
221 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
222 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
223 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
224 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
225 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
226 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
227 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
228 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
229 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
230 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
231 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
232 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
233 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
234 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
235 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
236 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
237 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
238 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
239 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
240 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
241 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
242 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
243 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
244 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
245 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
246 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
247 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
248 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
249 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
250 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
251 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
252 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
253 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
254};
255
a9880362 256#ifndef OPENSSL_NO_EC
71ea6b48
MC		 257/*
258 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
259 * structure.
260 */
261static const unsigned char kExampleECKeyDER[] = {
262 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
263 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
264 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
265 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
266 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
267 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
268 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
269 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
270 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
271 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
272 0xc1,
273};
274
275/*
276 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
277 * structure. The private key is equal to the order and will fail to import
278 */
279static const unsigned char kExampleBadECKeyDER[] = {
280 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
281 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
282 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
283 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
284 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
285 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
286 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
287 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
288 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
289};
b0004708
PY		 290
291/* prime256v1 */
292static const unsigned char kExampleECPubKeyDER[] = {
293 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
294 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
295 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
296 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
297 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
298 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
299 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
300 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
301};
302
5dc40a83 303/*
87762939 304 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
5dc40a83
BE		 305 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
306 */
307static const unsigned char kExampleBadECPubKeyDER[] = {
308 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
309 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
310 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
311 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
312 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
313 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
314 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
315 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
316};
317
b0004708
PY		 318static const unsigned char pExampleECParamDER[] = {
319 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
320};
a9880362 321#endif
71ea6b48 322
adcd8e37
RS		 323typedef struct APK_DATA_st {
324 const unsigned char *kder;
325 size_t size;
326 int evptype;
2aee35d3 327 int check;
b0004708
PY		 328 int pub_check;
329 int param_check;
330 int type; /* 0 for private, 1 for public, 2 for params */
adcd8e37
RS		 331} APK_DATA;
332
333static APK_DATA keydata[] = {
334 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
335 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
aa24cd1b 336#ifndef OPENSSL_NO_EC
adcd8e37 337 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
aa24cd1b 338#endif
adcd8e37
RS		 339};
340
2aee35d3 341static APK_DATA keycheckdata[] = {
b0004708
PY		 342 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
343 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
344 0, -2, -2, 0},
2aee35d3 345#ifndef OPENSSL_NO_EC
b0004708
PY		 346 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
347 /* group is also associated in our pub key */
348 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
349 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
2aee35d3
PY		 350#endif
351};
352
71ea6b48
MC		 353static EVP_PKEY *load_example_rsa_key(void)
354{
355 EVP_PKEY *ret = NULL;
356 const unsigned char *derp = kExampleRSAKeyDER;
357 EVP_PKEY *pkey = NULL;
358 RSA *rsa = NULL;
359
adcd8e37 360 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
71ea6b48 361 return NULL;
71ea6b48 362
adcd8e37
RS		 363 if (!TEST_ptr(pkey = EVP_PKEY_new())
364 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
365 goto end;
71ea6b48
MC		 366
367 ret = pkey;
368 pkey = NULL;
369
adcd8e37 370end:
c5ba2d99 371 EVP_PKEY_free(pkey);
d6407083 372 RSA_free(rsa);
71ea6b48
MC		 373
374 return ret;
375}
376
2eb2b4f3
SL		 377static int test_EVP_Enveloped(void)
378{
379 int ret = 0;
380 EVP_CIPHER_CTX *ctx = NULL;
381 EVP_PKEY *keypair = NULL;
382 unsigned char *kek = NULL;
383 unsigned char iv[EVP_MAX_IV_LENGTH];
384 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
385 int len, kek_len, ciphertext_len, plaintext_len;
386 unsigned char ciphertext[32], plaintext[16];
387 const EVP_CIPHER *type = EVP_aes_256_cbc();
388
389 if (!TEST_ptr(keypair = load_example_rsa_key())
390 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
391 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
392 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
393 &keypair, 1))
394 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
395 msg, sizeof(msg)))
396 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
397 &len)))
398 goto err;
399
400 ciphertext_len += len;
401
402 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
403 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
404 ciphertext, ciphertext_len))
405 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
406 goto err;
407
408 plaintext_len += len;
409 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
410 goto err;
411
412 ret = 1;
413err:
414 OPENSSL_free(kek);
415 EVP_PKEY_free(keypair);
416 EVP_CIPHER_CTX_free(ctx);
417 return ret;
418}
419
420
71ea6b48
MC		 421static int test_EVP_DigestSignInit(void)
422{
423 int ret = 0;
424 EVP_PKEY *pkey = NULL;
425 unsigned char *sig = NULL;
426 size_t sig_len = 0;
adcd8e37 427 EVP_MD_CTX *md_ctx, *md_ctx_verify = NULL;
71ea6b48 428
adcd8e37
RS		 429 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
430 || !TEST_ptr(md_ctx_verify = EVP_MD_CTX_new())
431 || !TEST_ptr(pkey = load_example_rsa_key()))
6e59a892 432 goto out;
71ea6b48 433
adcd8e37
RS		 434 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
435 || !TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
71ea6b48 436 goto out;
adcd8e37 437
71ea6b48 438 /* Determine the size of the signature. */
adcd8e37
RS		 439 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
440 || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
71ea6b48 441 goto out;
71ea6b48 442
adcd8e37
RS		 443 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
444 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
71ea6b48 445 goto out;
71ea6b48
MC		 446
447 /* Ensure that the signature round-trips. */
adcd8e37
RS		 448 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
449 NULL, pkey))
450 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify,
451 kMsg, sizeof(kMsg)))
452 || !TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
71ea6b48 453 goto out;
71ea6b48
MC		 454
455 ret = 1;
456
457 out:
bfb0641f
RL		 458 EVP_MD_CTX_free(md_ctx);
459 EVP_MD_CTX_free(md_ctx_verify);
c5ba2d99 460 EVP_PKEY_free(pkey);
b548a1f1 461 OPENSSL_free(sig);
71ea6b48
MC		 462
463 return ret;
464}
465
466static int test_EVP_DigestVerifyInit(void)
467{
468 int ret = 0;
469 EVP_PKEY *pkey = NULL;
adcd8e37 470 EVP_MD_CTX *md_ctx = NULL;
71ea6b48 471
adcd8e37
RS		 472 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
473 || !TEST_ptr(pkey = load_example_rsa_key()))
474 goto out;
71ea6b48 475
adcd8e37
RS		 476 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
477 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
478 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
479 sizeof(kSignature))))
71ea6b48 480 goto out;
71ea6b48
MC		 481 ret = 1;
482
483 out:
bfb0641f 484 EVP_MD_CTX_free(md_ctx);
c5ba2d99 485 EVP_PKEY_free(pkey);
71ea6b48
MC		 486 return ret;
487}
488
adcd8e37 489static int test_d2i_AutoPrivateKey(int i)
71ea6b48
MC		 490{
491 int ret = 0;
492 const unsigned char *p;
493 EVP_PKEY *pkey = NULL;
adcd8e37
RS		 494 const APK_DATA *ak = &keydata[i];
495 const unsigned char *input = ak->kder;
496 size_t input_len = ak->size;
497 int expected_id = ak->evptype;
71ea6b48
MC		 498
499 p = input;
adcd8e37
RS		 500 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
501 || !TEST_ptr_eq(p, input + input_len)
502 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
71ea6b48 503 goto done;
71ea6b48
MC		 504
505 ret = 1;
506
507 done:
c5ba2d99 508 EVP_PKEY_free(pkey);
71ea6b48
MC		 509 return ret;
510}
511
a9880362 512#ifndef OPENSSL_NO_EC
cad8347b
SL		 513
514static const unsigned char ec_public_sect163k1_validxy[] = {
515 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
516 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
517 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
518 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
519 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
520 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
521};
522
523static const unsigned char ec_public_sect163k1_badx[] = {
524 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
525 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
526 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
527 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
528 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
529 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
530};
531
532static const unsigned char ec_public_sect163k1_bady[] = {
533 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
534 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
535 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
536 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
537 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
538 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
539};
540
541static struct ec_der_pub_keys_st {
542 const unsigned char *der;
543 size_t len;
544 int valid;
545} ec_der_pub_keys[] = {
546 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
547 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
548 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
549};
550
551/*
552 * Tests the range of the decoded EC char2 public point.
553 * See ec_GF2m_simple_oct2point().
554 */
555static int test_invalide_ec_char2_pub_range_decode(int id)
556{
557 int ret = 0;
558 BIO *bio = NULL;
559 EC_KEY *eckey = NULL;
560
561 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
562 ec_der_pub_keys[id].len)))
563 goto err;
564 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
565 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
566 || TEST_ptr_null(eckey);
567err:
568 EC_KEY_free(eckey);
569 BIO_free(bio);
570 return ret;
571}
572
71ea6b48
MC		 573/* Tests loading a bad key in PKCS8 format */
574static int test_EVP_PKCS82PKEY(void)
575{
576 int ret = 0;
577 const unsigned char *derp = kExampleBadECKeyDER;
578 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
579 EVP_PKEY *pkey = NULL;
580
adcd8e37
RS		 581 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
582 sizeof(kExampleBadECKeyDER))))
583 goto done;
71ea6b48 584
adcd8e37
RS		 585 if (!TEST_ptr_eq(derp,
586 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
71ea6b48 587 goto done;
71ea6b48 588
adcd8e37 589 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
71ea6b48 590 goto done;
71ea6b48
MC		 591
592 ret = 1;
593
594 done:
e0e920b1 595 PKCS8_PRIV_KEY_INFO_free(p8inf);
c5ba2d99 596 EVP_PKEY_free(pkey);
71ea6b48
MC		 597
598 return ret;
599}
a9880362 600#endif
71ea6b48 601
ddb634fe
JL		 602#ifndef OPENSSL_NO_SM2
603
a6c4cb84
JL		 604static int test_EVP_SM2_verify(void)
605{
606 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
607 const char *pubkey =
608 "-----BEGIN PUBLIC KEY-----\n"
609 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
610 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
611 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
612 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
613 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
614 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
615 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
616 "-----END PUBLIC KEY-----\n";
617
618 const char *msg = "message digest";
619 const char *id = "ALICE123@YAHOO.COM";
620
621 const uint8_t signature[] = {
622 0x30, 0x44, 0x02, 0x20,
623
624 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
625 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
626 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
627
628 0x02, 0x20,
629
630 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
631 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
632 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
633 };
634
635 int rc = 0;
636 BIO *bio = NULL;
637 EVP_PKEY *pkey = NULL;
638 EVP_MD_CTX *mctx = NULL;
639 EVP_PKEY_CTX *pctx = NULL;
640
641 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
642 if (!TEST_true(bio != NULL))
643 goto done;
644
645 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
646 if (!TEST_true(pkey != NULL))
647 goto done;
648
649 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
650 goto done;
651
652 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
653 goto done;
654
655 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
656 goto done;
657
658 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
659 strlen(id)), 0))
660 goto done;
661
662 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
663
664 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
665 goto done;
666
667 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
668 goto done;
669
670 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
671 goto done;
672 rc = 1;
673
674 done:
675 BIO_free(bio);
676 EVP_PKEY_free(pkey);
677 EVP_PKEY_CTX_free(pctx);
678 EVP_MD_CTX_free(mctx);
679 return rc;
680}
681
ddb634fe
JL		 682static int test_EVP_SM2(void)
683{
684 int ret = 0;
685 EVP_PKEY *pkey = NULL;
686 EVP_PKEY *params = NULL;
687 EVP_PKEY_CTX *pctx = NULL;
688 EVP_PKEY_CTX *kctx = NULL;
4803717f 689 EVP_PKEY_CTX *sctx = NULL;
ddb634fe
JL		 690 size_t sig_len = 0;
691 unsigned char *sig = NULL;
692 EVP_MD_CTX *md_ctx = NULL;
693 EVP_MD_CTX *md_ctx_verify = NULL;
694 EVP_PKEY_CTX *cctx = NULL;
695
696 uint8_t ciphertext[128];
697 size_t ctext_len = sizeof(ciphertext);
698
699 uint8_t plaintext[8];
700 size_t ptext_len = sizeof(plaintext);
701
4803717f
PY		 702 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
703
ddb634fe
JL		 704 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
705 if (!TEST_ptr(pctx))
706 goto done;
707
708 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
709 goto done;
710
711 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
712 goto done;
713
714 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
715 goto done;
716
717 kctx = EVP_PKEY_CTX_new(params, NULL);
718 if (!TEST_ptr(kctx))
719 goto done;
720
721 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
722 goto done;
723
724 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
725 goto done;
726
727 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
728 goto done;
729
730 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
731 goto done;
732
733 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
734 goto done;
735
4803717f
PY		 736 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
737 goto done;
738
739 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
740 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
741
742 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
743 goto done;
744
ddb634fe
JL		 745 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
746 goto done;
747
748 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
749 goto done;
750
751 /* Determine the size of the signature. */
752 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
753 goto done;
754
755 if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
756 goto done;
757
758 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
759 goto done;
760
761 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
762 goto done;
763
764 /* Ensure that the signature round-trips. */
765
766 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
767 goto done;
768
769 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
770 goto done;
771
772 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
773 goto done;
774
775 /* now check encryption/decryption */
776
777 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
778 goto done;
779
780 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
781 goto done;
782
783 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
784 goto done;
785
786 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
787 goto done;
788
789 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
790 goto done;
791
792 if (!TEST_true(ptext_len == sizeof(kMsg)))
793 goto done;
794
795 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
796 goto done;
797
798 ret = 1;
799done:
800 EVP_PKEY_CTX_free(pctx);
801 EVP_PKEY_CTX_free(kctx);
4803717f 802 EVP_PKEY_CTX_free(sctx);
ddb634fe
JL		 803 EVP_PKEY_CTX_free(cctx);
804 EVP_PKEY_free(pkey);
805 EVP_PKEY_free(params);
806 EVP_MD_CTX_free(md_ctx);
807 EVP_MD_CTX_free(md_ctx_verify);
808 OPENSSL_free(sig);
809 return ret;
810}
811
812#endif
813
bb5f281a
MC		 814static struct keys_st {
815 int type;
816 char *priv;
817 char *pub;
818} keys[] = {
819 {
820 EVP_PKEY_HMAC, "0123456789", NULL
821 }, {
822 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
823 }, {
824 EVP_PKEY_SIPHASH, "0123456789012345", NULL
896dcb80
MC		 825 },
826#ifndef OPENSSL_NO_EC
827 {
bb5f281a
MC		 828 EVP_PKEY_X25519, "01234567890123456789012345678901",
829 "abcdefghijklmnopqrstuvwxyzabcdef"
830 }, {
831 EVP_PKEY_ED25519, "01234567890123456789012345678901",
832 "abcdefghijklmnopqrstuvwxyzabcdef"
833 }, {
834 EVP_PKEY_X448,
835 "01234567890123456789012345678901234567890123456789012345",
836 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
837 }, {
838 EVP_PKEY_ED448,
839 "012345678901234567890123456789012345678901234567890123456",
840 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
841 }
896dcb80 842#endif
bb5f281a
MC		 843};
844
845static int test_set_get_raw_keys_int(int tst, int pub)
846{
847 int ret = 0;
848 unsigned char buf[80];
849 unsigned char *in;
850 size_t inlen, len = 0;
851 EVP_PKEY *pkey;
852
853 /* Check if this algorithm supports public keys */
854 if (keys[tst].pub == NULL)
855 return 1;
856
857 memset(buf, 0, sizeof(buf));
858
859 if (pub) {
860 inlen = strlen(keys[tst].pub);
861 in = (unsigned char *)keys[tst].pub;
862 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
863 NULL,
864 in,
865 inlen);
866 } else {
867 inlen = strlen(keys[tst].priv);
868 in = (unsigned char *)keys[tst].priv;
869 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
870 NULL,
871 in,
872 inlen);
873 }
874
875 if (!TEST_ptr(pkey)
876 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
877 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
878 || !TEST_true(len == inlen)
879 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
880 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
881 || !TEST_mem_eq(in, inlen, buf, len))
882 goto done;
883
884 ret = 1;
885 done:
886 EVP_PKEY_free(pkey);
887 return ret;
888}
889
890static int test_set_get_raw_keys(int tst)
891{
892 return test_set_get_raw_keys_int(tst, 0)
893 && test_set_get_raw_keys_int(tst, 1);
894}
895
2aee35d3
PY		 896static int pkey_custom_check(EVP_PKEY *pkey)
897{
898 return 0xbeef;
899}
900
b0004708
PY		 901static int pkey_custom_pub_check(EVP_PKEY *pkey)
902{
903 return 0xbeef;
904}
905
906static int pkey_custom_param_check(EVP_PKEY *pkey)
907{
908 return 0xbeef;
909}
910
2aee35d3
PY		 911static EVP_PKEY_METHOD *custom_pmeth;
912
913static int test_EVP_PKEY_check(int i)
914{
915 int ret = 0;
916 const unsigned char *p;
917 EVP_PKEY *pkey = NULL;
8a8bc665 918#ifndef OPENSSL_NO_EC
b0004708 919 EC_KEY *eckey = NULL;
8a8bc665 920#endif
2aee35d3
PY		 921 EVP_PKEY_CTX *ctx = NULL;
922 EVP_PKEY_CTX *ctx2 = NULL;
923 const APK_DATA *ak = &keycheckdata[i];
924 const unsigned char *input = ak->kder;
925 size_t input_len = ak->size;
926 int expected_id = ak->evptype;
927 int expected_check = ak->check;
b0004708
PY		 928 int expected_pub_check = ak->pub_check;
929 int expected_param_check = ak->param_check;
930 int type = ak->type;
931 BIO *pubkey = NULL;
2aee35d3
PY		 932
933 p = input;
b0004708 934
35db366c
DMSP		 935 switch (type) {
936 case 0:
937 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
938 || !TEST_ptr_eq(p, input + input_len)
939 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
940 goto done;
941 break;
8a8bc665 942#ifndef OPENSSL_NO_EC
35db366c
DMSP		 943 case 1:
944 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
945 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
946 || !TEST_ptr(pkey = EVP_PKEY_new())
947 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
948 goto done;
949 break;
950 case 2:
951 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
952 || !TEST_ptr_eq(p, input + input_len)
953 || !TEST_ptr(pkey = EVP_PKEY_new())
954 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
955 goto done;
956 break;
8a8bc665 957#endif
35db366c
DMSP		 958 default:
959 return 0;
960 }
2aee35d3
PY		 961
962 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
963 goto done;
964
b0004708
PY		 965 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
966 goto done;
967
968 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
969 goto done;
970
971 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
972 goto done;
2aee35d3
PY		 973
974 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
975 /* assign the pkey directly, as an internal test */
976 EVP_PKEY_up_ref(pkey);
977 ctx2->pkey = pkey;
978
979 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
980 goto done;
981
b0004708
PY		 982 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
983 goto done;
984
985 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
986 goto done;
987
2aee35d3
PY		 988 ret = 1;
989
990 done:
991 EVP_PKEY_CTX_free(ctx);
992 EVP_PKEY_CTX_free(ctx2);
993 EVP_PKEY_free(pkey);
b0004708 994 BIO_free(pubkey);
2aee35d3
PY		 995 return ret;
996}
997
10d5b415
MC		 998static int test_HKDF(void)
999{
1000 EVP_PKEY_CTX *pctx;
1001 unsigned char out[20];
1002 size_t outlen;
1003 int i, ret = 0;
1004 unsigned char salt[] = "0123456789";
1005 unsigned char key[] = "012345678901234567890123456789";
1006 unsigned char info[] = "infostring";
1007 const unsigned char expected[] = {
1008 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1009 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1010 };
1011 size_t expectedlen = sizeof(expected);
1012
1013 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1014 goto done;
1015
1016 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1017 for (i = 0; i < 2; i++) {
1018 outlen = sizeof(out);
1019 memset(out, 0, outlen);
1020
1021 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1022 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1023 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1024 sizeof(salt) - 1), 0)
1025 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1026 sizeof(key) - 1), 0)
1027 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1028 sizeof(info) - 1), 0)
1029 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1030 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1031 goto done;
1032 }
1033
1034 ret = 1;
1035
1036 done:
1037 EVP_PKEY_CTX_free(pctx);
1038
1039 return ret;
1040}
1041
5dc40a83
BE		 1042#ifndef OPENSSL_NO_EC
1043static int test_X509_PUBKEY_inplace(void)
1044{
1045 int ret = 0;
1046 X509_PUBKEY *xp = NULL;
1047 const unsigned char *p = kExampleECPubKeyDER;
1048 size_t input_len = sizeof(kExampleECPubKeyDER);
1049
1050 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1051 goto done;
1052
1053 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1054 goto done;
1055
1056 p = kExampleBadECPubKeyDER;
1057 input_len = sizeof(kExampleBadECPubKeyDER);
1058
1059 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1060 goto done;
1061
1062 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1063 goto done;
1064
1065 ret = 1;
1066
1067done:
1068 X509_PUBKEY_free(xp);
1069 return ret;
1070}
1071#endif
1072
847d0f81
MC		 1073
1074static int calculate_digest(const EVP_MD *md, const char *msg, size_t len,
1075 const unsigned char *exptd)
1076{
1077 unsigned char out[SHA256_DIGEST_LENGTH];
1078 EVP_MD_CTX *ctx;
1079 int ret = 0;
1080
1081 if (!TEST_ptr(ctx = EVP_MD_CTX_new())
1082 || !TEST_true(EVP_DigestInit_ex(ctx, md, NULL))
1083 || !TEST_true(EVP_DigestUpdate(ctx, msg, len))
1084 || !TEST_true(EVP_DigestFinal_ex(ctx, out, NULL))
1085 || !TEST_mem_eq(out, SHA256_DIGEST_LENGTH, exptd,
5a2bd6bc
MC		 1086 SHA256_DIGEST_LENGTH)
1087 || !TEST_true(md == EVP_MD_CTX_md(ctx)))
847d0f81
MC		 1088 goto err;
1089
1090 ret = 1;
1091 err:
1092 EVP_MD_CTX_free(ctx);
1093 return ret;
1094}
1095/*
1096 * Test EVP_MD_fetch()
1097 *
1098 * Test 0: Test with the default OPENSSL_CTX
1099 * Test 1: Test with an explicit OPENSSL_CTX
1100 * Test 2: Explicit OPENSSL_CTX with explicit load of default provider
1576dfe0
MC		 1101 * Test 3: Explicit OPENSSL_CTX with explicit load of default and fips provider
1102 * Test 4: Explicit OPENSSL_CTX with explicit load of fips provider
847d0f81
MC		 1103 */
1104static int test_EVP_MD_fetch(int tst)
1105{
1106 OPENSSL_CTX *ctx = NULL;
1107 EVP_MD *md = NULL;
1576dfe0 1108 OSSL_PROVIDER *defltprov = NULL, *fipsprov = NULL;
847d0f81
MC		 1109 int ret = 0;
1110 const char testmsg[] = "Hello world";
1111 const unsigned char exptd[] = {
1112 0x27, 0x51, 0x8b, 0xa9, 0x68, 0x30, 0x11, 0xf6, 0xb3, 0x96, 0x07, 0x2c,
1113 0x05, 0xf6, 0x65, 0x6d, 0x04, 0xf5, 0xfb, 0xc3, 0x78, 0x7c, 0xf9, 0x24,
1114 0x90, 0xec, 0x60, 0x6e, 0x50, 0x92, 0xe3, 0x26
1115 };
1116
1117 if (tst > 0) {
1118 ctx = OPENSSL_CTX_new();
1119 if (!TEST_ptr(ctx))
1120 goto err;
1121
1576dfe0
MC		 1122 if (tst == 2 || tst == 3) {
1123 defltprov = OSSL_PROVIDER_load(ctx, "default");
1124 if (!TEST_ptr(defltprov))
1125 goto err;
1126 }
1127 if (tst == 3 || tst == 4) {
1128 fipsprov = OSSL_PROVIDER_load(ctx, "fips");
1129 if (!TEST_ptr(fipsprov))
847d0f81
MC		 1130 goto err;
1131 }
1132 }
1133
1134 /* Implicit fetching of the MD should produce the expected result */
1135 if (!TEST_true(calculate_digest(EVP_sha256(), testmsg, sizeof(testmsg),
64f4fff7
MC		 1136 exptd))
1137 || !TEST_int_eq(EVP_MD_size(EVP_sha256()), SHA256_DIGEST_LENGTH)
1138 || !TEST_int_eq(EVP_MD_block_size(EVP_sha256()), SHA256_CBLOCK))
847d0f81 1139 goto err;
64f4fff7 1140
847d0f81 1141 /*
1576dfe0
MC		 1142 * Test that without specifying any properties we can get a sha256 md from a
1143 * provider.
847d0f81
MC		 1144 */
1145 if (!TEST_ptr(md = EVP_MD_fetch(ctx, "SHA256", NULL))
1146 || !TEST_ptr(md)
1147 || !TEST_int_eq(EVP_MD_nid(md), NID_sha256)
64f4fff7
MC		 1148 || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg), exptd))
1149 || !TEST_int_eq(EVP_MD_size(md), SHA256_DIGEST_LENGTH)
1150 || !TEST_int_eq(EVP_MD_block_size(md), SHA256_CBLOCK))
847d0f81
MC		 1151 goto err;
1152
1153 /* Also test EVP_MD_upref() while we're doing this */
1154 if (!TEST_true(EVP_MD_upref(md)))
1155 goto err;
1156 /* Ref count should now be 2. Release both */
1157 EVP_MD_meth_free(md);
1158 EVP_MD_meth_free(md);
1159 md = NULL;
1160
1161 /*
1576dfe0
MC		 1162 * In tests 0 - 2 we've only loaded the default provider so explicitly
1163 * asking for a non-default implementation should fail. In tests 3 and 4 we
1164 * have the FIPS provider loaded so we should succeed in that case.
847d0f81 1165 */
1576dfe0
MC		 1166 md = EVP_MD_fetch(ctx, "SHA256", "default=no");
1167 if (tst == 3 || tst == 4) {
1168 if (!TEST_ptr(md)
1169 || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg),
1170 exptd)))
1171 goto err;
1172 } else {
1173 if (!TEST_ptr_null(md))
1174 goto err;
1175 }
847d0f81 1176
1576dfe0
MC		 1177 EVP_MD_meth_free(md);
1178 md = NULL;
1179
1180 /*
1181 * Explicitly asking for the default implementation should succeeed except
1182 * in test 4 where the default provider is not loaded.
1183 */
1184 md = EVP_MD_fetch(ctx, "SHA256", "default=yes");
1185 if (tst != 4) {
1186 if (!TEST_ptr(md)
1187 || !TEST_int_eq(EVP_MD_nid(md), NID_sha256)
1188 || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg),
1189 exptd))
1190 || !TEST_int_eq(EVP_MD_size(md), SHA256_DIGEST_LENGTH)
1191 || !TEST_int_eq(EVP_MD_block_size(md), SHA256_CBLOCK))
1192 goto err;
1193 } else {
1194 if (!TEST_ptr_null(md))
1195 goto err;
1196 }
847d0f81
MC		 1197
1198 EVP_MD_meth_free(md);
1199 md = NULL;
1200
1576dfe0
MC		 1201 /*
1202 * Explicitly asking for a fips implementation should succeed if we have
1203 * the FIPS provider loaded and fail otherwise
1204 */
1205 md = EVP_MD_fetch(ctx, "SHA256", "fips=yes");
1206 if (tst == 3 || tst == 4) {
1207 if (!TEST_ptr(md)
1208 || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg),
1209 exptd)))
1210 goto err;
1211 } else {
1212 if (!TEST_ptr_null(md))
1213 goto err;
1214 }
1215
1216
847d0f81
MC		 1217 ret = 1;
1218
1219 err:
1220 EVP_MD_meth_free(md);
1576dfe0
MC		 1221 OSSL_PROVIDER_unload(defltprov);
1222 OSSL_PROVIDER_unload(fipsprov);
847d0f81
MC		 1223 OPENSSL_CTX_free(ctx);
1224 return ret;
1225}
1226
ad887416 1227int setup_tests(void)
71ea6b48 1228{
adcd8e37
RS		 1229 ADD_TEST(test_EVP_DigestSignInit);
1230 ADD_TEST(test_EVP_DigestVerifyInit);
2eb2b4f3 1231 ADD_TEST(test_EVP_Enveloped);
ad887416 1232 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
a9880362 1233#ifndef OPENSSL_NO_EC
adcd8e37 1234 ADD_TEST(test_EVP_PKCS82PKEY);
ddb634fe
JL		 1235#endif
1236#ifndef OPENSSL_NO_SM2
1237 ADD_TEST(test_EVP_SM2);
a6c4cb84 1238 ADD_TEST(test_EVP_SM2_verify);
a9880362 1239#endif
bb5f281a 1240 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
2aee35d3
PY		 1241 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
1242 if (!TEST_ptr(custom_pmeth))
1243 return 0;
1244 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
b0004708
PY		 1245 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
1246 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
2aee35d3
PY		 1247 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
1248 return 0;
1249 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
10d5b415 1250 ADD_TEST(test_HKDF);
5dc40a83
BE		 1251#ifndef OPENSSL_NO_EC
1252 ADD_TEST(test_X509_PUBKEY_inplace);
cad8347b
SL		 1253 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
1254 OSSL_NELEM(ec_der_pub_keys));
5dc40a83 1255#endif
1576dfe0 1256#ifdef NO_FIPS_MODULE
847d0f81 1257 ADD_ALL_TESTS(test_EVP_MD_fetch, 3);
1576dfe0
MC		 1258#else
1259 ADD_ALL_TESTS(test_EVP_MD_fetch, 5);
1260#endif
ad887416 1261 return 1;
71ea6b48 1262}
A mirror of the official openssl repository